 <?php
header('Content-Type: application/json; charset=utf-8');


// 简单允许方法：GET

if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'GET') {

    http_response_code(405);

    echo json_encode(['error' => 'Method Not Allowed'], JSON_UNESCAPED_UNICODE);

    exit;

}


// 只有在携带 type=xianyu 参数时才允许返回

$reqType = $_GET['type'] ?? null;

if ($reqType !== 'xianyu') {

    http_response_code(400);

    echo json_encode(['error' => 'Invalid request parameter', 'need_type' => 'xianyu'], JSON_UNESCAPED_UNICODE);

    exit;

}


require_once __DIR__ . '/../lib/db.php';

require_once __DIR__ . '/../lib/external.php';


$cfg = require __DIR__ . '/../config.php';


$externalBase = $cfg['external_base_url'] ?? '';

$deviceCode = $cfg['device_code'] ?? '';

$deviceCodeMd5 = $cfg['device_code_md5'] ?? '';

$sqlitePath = $cfg['sqlite_path'] ?? (__DIR__ . '/../data/sendcard.sqlite');


if ($externalBase === '' || $deviceCode === '' || $deviceCodeMd5 === '') {

    http_response_code(500);

    echo json_encode(['error' => 'Config missing'], JSON_UNESCAPED_UNICODE);

    exit;

}


$externalUrl = $externalBase . '?device_code=' . rawurlencode($deviceCode) . '&device_code_md5=' . rawurlencode($deviceCodeMd5);


try {

    $resp = sendcard_fetch_credentials($externalUrl);

    $httpStatus = $resp['http_status'];

    $json = $resp['json'];


    $externalMsg = isset($json['msg']) ? (string)$json['msg'] : null;

    $externalCode = isset($json['code']) ? (string)$json['code'] : null;


    $data = is_array($json['data'] ?? null) ? $json['data'] : null;

    if ($data === null) {

        http_response_code(502);

        echo json_encode(['error' => 'External response missing data'], JSON_UNESCAPED_UNICODE);

        exit;

    }


    // 仅给请求端返回 token；其它字段仅用于 SQLite 备档

    $token = isset($data['token']) ? (string)$data['token'] : null;


    $pdo = sendcard_get_pdo($sqlitePath);

    sendcard_init_db($pdo);


    $stmt = $pdo->prepare(

        'INSERT INTO cursor_login_backups (

            external_msg, external_code,

            external_id, email, token, createTime, lastTokenTime, status,

            deviceCode, activationCode, useTime, lastId, deleted, emailLastStatus,

            useCount, pwd, type, updateTime, banName,

            webToken, cpName, comeStatus, comePushTime,

            freeSevenStatus, windsurfUseStatus, windsurfStatus, windsurfToken,

            windsurfPwd, windsurfUseTime, raw_json

        ) VALUES (

            :external_msg, :external_code,

            :external_id, :email, :token, :createTime, :lastTokenTime, :status,

            :deviceCode, :activationCode, :useTime, :lastId, :deleted, :emailLastStatus,

            :useCount, :pwd, :type, :updateTime, :banName,

            :webToken, :cpName, :comeStatus, :comePushTime,

            :freeSevenStatus, :windsurfUseStatus, :windsurfStatus, :windsurfToken,

            :windsurfPwd, :windsurfUseTime, :raw_json

        )'

    );


    // 一次回调：把 external data 的字段拆出来逐列存储

    $stmt->execute([

        ':external_msg' => $externalMsg,

        ':external_code' => $externalCode,

        ':external_id' => isset($data['id']) ? (int)$data['id'] : null,

        ':email' => $data['email'] ?? null,

        ':token' => $token,

        ':createTime' => $data['createTime'] ?? null,

        ':lastTokenTime' => $data['lastTokenTime'] ?? null,

        ':status' => isset($data['status']) ? (int)$data['status'] : null,

        ':deviceCode' => $data['deviceCode'] ?? null,

        ':activationCode' => $data['activationCode'] ?? null,

        ':useTime' => $data['useTime'] ?? null,

        ':lastId' => isset($data['lastId']) ? (int)$data['lastId'] : null,

        ':deleted' => isset($data['deleted']) ? (int)$data['deleted'] : null,

        ':emailLastStatus' => isset($data['emailLastStatus']) ? (int)$data['emailLastStatus'] : null,

        ':useCount' => isset($data['useCount']) ? (int)$data['useCount'] : null,

        ':pwd' => $data['pwd'] ?? null,

        ':type' => isset($data['type']) ? (int)$data['type'] : null,

        ':updateTime' => $data['updateTime'] ?? null,

        ':banName' => $data['banName'] ?? null,

        ':webToken' => $data['webToken'] ?? null,

        ':cpName' => $data['cpName'] ?? null,

        ':comeStatus' => isset($data['comeStatus']) ? (int)$data['comeStatus'] : null,

        ':comePushTime' => $data['comePushTime'] ?? null,

        ':freeSevenStatus' => isset($data['freeSevenStatus']) ? (int)$data['freeSevenStatus'] : null,

        ':windsurfUseStatus' => isset($data['windsurfUseStatus']) ? (int)$data['windsurfUseStatus'] : null,

        ':windsurfStatus' => isset($data['windsurfStatus']) ? (int)$data['windsurfStatus'] : null,

        ':windsurfToken' => $data['windsurfToken'] ?? null,

        ':windsurfPwd' => $data['windsurfPwd'] ?? null,

        ':windsurfUseTime' => $data['windsurfUseTime'] ?? null,

        ':raw_json' => json_encode($json, JSON_UNESCAPED_UNICODE),

    ]);


    if ($token === null || $token === '') {

        http_response_code(502);

        echo json_encode(['error' => 'External response missing token', 'external_http_status' => $httpStatus], JSON_UNESCAPED_UNICODE);

        exit;

    }


    // 只返回 token 给请求端

    echo json_encode(['token' => $token], JSON_UNESCAPED_UNICODE);

} catch (Throwable $e) {

    http_response_code(502);

    echo json_encode(['error' => 'Bad Gateway', 'detail' => $e->getMessage()], JSON_UNESCAPED_UNICODE);

    exit;

}